Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-recidive all – anywhere anywhere
fail2ban-SIP all – anywhere anywhere
fail2ban-SSH tcp – anywhere anywhere multiport dports ssh
fpbxfirewall all – anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain fail2ban-SIP (1 references)
target prot opt source destination
RETURN all – anywhere anywhere
Chain fail2ban-SSH (1 references)
target prot opt source destination
RETURN all – anywhere anywhere
Chain fail2ban-recidive (1 references)
target prot opt source destination
REJECT all – 77.247.110.89 anywhere reject-with icmp-port-unreachable
REJECT all – ns3022515.ip-178-33-231.eu anywhere reject-with icmp-port-unreachable
REJECT all – 195-154-28-205.rev.poneytelecom.eu anywhere reject-with icmp-port-unreachable
REJECT all – 151.106.59.214 anywhere reject-with icmp-port-unreachable
REJECT all – 195-154-29-10.rev.poneytelecom.eu anywhere reject-with icmp-port-unreachable
RETURN all – anywhere anywhere
Chain fpbx-rtp (1 references)
target prot opt source destination
ACCEPT udp – anywhere anywhere udp dpts:ndmp:dnp
ACCEPT udp – anywhere anywhere udp dpts:terabase:hfcs-manager
Chain fpbxattacker (6 references)
target prot opt source destination
all – anywhere anywhere recent: SET name: ATTACKER side: source mask: 255.255.255.255
DROP all – anywhere anywhere
Chain fpbxblacklist (1 references)
target prot opt source destination
Chain fpbxfirewall (1 references)
target prot opt source destination
ACCEPT all – anywhere anywhere
ACCEPT tcp – anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp – anywhere anywhere
ACCEPT all – anywhere 255.255.255.255
ACCEPT all – anywhere anywhere PKTTYPE = multicast
ACCEPT udp – anywhere anywhere udp spts:bootps:bootpc dpts:bootps:bootpc
fpbx-rtp all – anywhere anywhere
fpbxblacklist all – anywhere anywhere
fpbxsignalling all – anywhere anywhere
fpbxsmarthosts all – anywhere anywhere
fpbxregistrations all – anywhere anywhere
fpbxnets all – anywhere anywhere
fpbxhosts all – anywhere anywhere
fpbxinterfaces all – anywhere anywhere
fpbxreject all – anywhere anywhere
fpbxrfw all – anywhere anywhere mark match 0x2/0x2
ACCEPT udp – anywhere anywhere state RELATED,ESTABLISHED
fpbxlogdrop all – anywhere anywhere
Chain fpbxhosts (1 references)
target prot opt source destination
zone-trusted all – localhost anywhere
zone-trusted all – pbx-004 anywhere
Chain fpbxinterfaces (1 references)
target prot opt source destination
zone-external all – anywhere anywhere
Chain fpbxknownreg (0 references)
target prot opt source destination
all – anywhere anywhere recent: REMOVE name: REPEAT side: source mask:255.255.255.255
all – anywhere anywhere recent: REMOVE name: ATTACKER side: source mask: 255.255.255.255
MARK all – anywhere anywhere MARK or 0x4
ACCEPT all – anywhere anywhere mark match 0x1/0x1
fpbxsvc-ucp all – anywhere anywhere
fpbxsvc-zulu all – anywhere anywhere
fpbxsvc-restapps all – anywhere anywhere
fpbxsvc-restapps_ssl all – anywhere anywhere
fpbxsvc-provis all – anywhere anywhere
fpbxsvc-provis_ssl all – anywhere anywhere
Chain fpbxlogdrop (1 references)
target prot opt source destination
DROP all – anywhere anywhere
Chain fpbxnets (1 references)
target prot opt source destination
zone-trusted all – 26.ip-79-137-39.eu anywhere
zone-trusted all – 0.ip-79-137-39.eu/24 anywhere
Chain fpbxratelimit (1 references)
target prot opt source destination
ACCEPT all – anywhere anywhere mark match 0x4/0x4
ACCEPT all – anywhere anywhere recent: CHECK seconds: 90 hit_count: 1 name: WHITELIST side: source mask: 255.255.255.255
all – anywhere anywhere state NEW recent: SET name: REPEAT side: source mask: 255.255.255.255
all – anywhere anywhere state NEW recent: SET name: DISCOVERED side: source mask: 255.255.255.255
LOG all – anywhere anywhere LOG level warning
fpbxattacker all – anywhere anywhere recent: CHECK seconds: 86400 hit_count: 1 name: ATTACKER side: source mask: 255.255.255.255
fpbxattacker all – anywhere anywhere recent: CHECK seconds: 86400 hit_count: 200name: REPEAT side: source mask: 255.255.255.255
fpbxattacker all – anywhere anywhere recent: CHECK seconds: 300 hit_count: 100 name: REPEAT side: source mask: 255.255.255.255
fpbxshortblock all – anywhere anywhere recent: CHECK seconds: 60 hit_count: 50 name: REPEAT side: source mask: 255.255.255.255
ACCEPT all – anywhere anywhere
Chain fpbxregistrations (1 references)
target prot opt source destination
Chain fpbxreject (1 references)
target prot opt source destination
rejsvc-nfs all – anywhere anywhere
rejsvc-smb all – anywhere anywhere
Chain fpbxrfw (1 references)
target prot opt source destination
ACCEPT all – anywhere anywhere recent: CHECK seconds: 90 hit_count: 1 name: WHITELIST side: source mask: 255.255.255.255
all – anywhere anywhere recent: SET name: REPEAT side: source mask: 255.255.255.255
all – anywhere anywhere recent: SET name: DISCOVERED side: source mask: 255.255.255.255
fpbxattacker all – anywhere anywhere recent: CHECK seconds: 10 hit_count: 50 name: REPEAT side: source mask: 255.255.255.255
fpbxattacker all – anywhere anywhere recent: CHECK seconds: 86400 hit_count: 1 name: ATTACKER side: source mask: 255.255.255.255
fpbxshortblock all – anywhere anywhere recent: CHECK seconds: 60 hit_count: 10 name: SIGNALLING side: source mask: 255.255.255.255
all – anywhere anywhere recent: SET name: SIGNALLING side: source mask: 255.255.255.255
fpbxattacker all – anywhere anywhere recent: CHECK seconds: 86400 hit_count: 100name: REPEAT side: source mask: 255.255.255.255
ACCEPT all – anywhere anywhere
Chain fpbxshortblock (2 references)
target prot opt source destination
all – anywhere anywhere recent: SET name: CLAMPED side: source mask: 255.255.255.255
REJECT all – anywhere anywhere reject-with icmp-port-unreachable
Chain fpbxsignalling (1 references)
target prot opt source destination
MARK udp – anywhere anywhere udp dpt:5160 MARK set 0x1
MARK udp – anywhere anywhere udp dpt:sip MARK set 0x1
Chain fpbxsmarthosts (1 references)
target prot opt source destination
Chain fpbxsvc-chansip (1 references)
target prot opt source destination
ACCEPT udp – anywhere anywhere udp dpt:5160
Chain fpbxsvc-ftp (1 references)
target prot opt source destination
ACCEPT tcp – anywhere anywhere tcp dpt:ftp
Chain fpbxsvc-http (1 references)
target prot opt source destination
ACCEPT tcp – anywhere anywhere tcp dpt:http
Chain fpbxsvc-https (1 references)
target prot opt source destination
ACCEPT tcp – anywhere anywhere tcp dpt:https
Chain fpbxsvc-iax (1 references)
target prot opt source destination
ACCEPT udp – anywhere anywhere udp dpt:iax
Chain fpbxsvc-isymphony (1 references)
target prot opt source destination
Chain fpbxsvc-letsencrypt (0 references)
target prot opt source destination
Chain fpbxsvc-nfs (0 references)
target prot opt source destination
Chain fpbxsvc-pjsip (1 references)
target prot opt source destination
ACCEPT udp – anywhere anywhere udp dpt:sip
Chain fpbxsvc-provis (3 references)
target prot opt source destination
fpbxratelimit tcp – anywhere anywhere tcp dpt:ctf
Chain fpbxsvc-provis_ssl (3 references)
target prot opt source destination
Chain fpbxsvc-restapps (2 references)
target prot opt source destination
ACCEPT tcp – anywhere anywhere tcp dpt:xfer
Chain fpbxsvc-restapps_ssl (2 references)
target prot opt source destination
Chain fpbxsvc-smb (0 references)
target prot opt source destination
Chain fpbxsvc-ssh (1 references)
target prot opt source destination
ACCEPT tcp – anywhere anywhere tcp dpt:ssh
Chain fpbxsvc-tftp (1 references)
target prot opt source destination
ACCEPT udp – anywhere anywhere udp dpt:tftp
Chain fpbxsvc-ucp (4 references)
target prot opt source destination
ACCEPT tcp – anywhere anywhere tcp dpt:81
ACCEPT tcp – anywhere anywhere tcp dpt:vcom-tunnel
ACCEPT tcp – anywhere anywhere tcp dpt:mcreport
Chain fpbxsvc-vpn (3 references)
target prot opt source destination
ACCEPT udp – anywhere anywhere udp dpt:openvpn
Chain fpbxsvc-webrtc (1 references)
target prot opt source destination
ACCEPT tcp – anywhere anywhere tcp dpt:radan-http
ACCEPT tcp – anywhere anywhere tcp dpt:8089
Chain fpbxsvc-xmpp (3 references)
target prot opt source destination
ACCEPT tcp – anywhere anywhere tcp dpt:xmpp-client
Chain fpbxsvc-zulu (4 references)
target prot opt source destination
Chain rejsvc-nfs (1 references)
target prot opt source destination
Chain rejsvc-smb (1 references)
target prot opt source destination
Chain zone-external (1 references)
target prot opt source destination
MARK all – anywhere anywhere MARK or 0x10
fpbxsvc-ucp all – anywhere anywhere
fpbxsvc-zulu all – anywhere anywhere
fpbxsvc-vpn all – anywhere anywhere
fpbxsvc-xmpp all – anywhere anywhere
Chain zone-internal (0 references)
target prot opt source destination
MARK all – anywhere anywhere MARK or 0x4
fpbxsvc-ssh all – anywhere anywhere
fpbxsvc-http all – anywhere anywhere
fpbxsvc-https all – anywhere anywhere
fpbxsvc-ucp all – anywhere anywhere
fpbxsvc-pjsip all – anywhere anywhere
fpbxsvc-chansip all – anywhere anywhere
fpbxsvc-iax all – anywhere anywhere
fpbxsvc-webrtc all – anywhere anywhere
fpbxsvc-zulu all – anywhere anywhere
fpbxsvc-isymphony all – anywhere anywhere
fpbxsvc-provis all – anywhere anywhere
fpbxsvc-provis_ssl all – anywhere anywhere
fpbxsvc-vpn all – anywhere anywhere
fpbxsvc-restapps all – anywhere anywhere
fpbxsvc-restapps_ssl all – anywhere anywhere
fpbxsvc-xmpp all – anywhere anywhere
fpbxsvc-ftp all – anywhere anywhere
fpbxsvc-tftp all – anywhere anywhere
Chain zone-other (0 references)
target prot opt source destination
MARK all – anywhere anywhere MARK or 0x8
fpbxsvc-ucp all – anywhere anywhere
fpbxsvc-zulu all – anywhere anywhere
fpbxsvc-provis all – anywhere anywhere
fpbxsvc-provis_ssl all – anywhere anywhere
fpbxsvc-vpn all – anywhere anywhere
fpbxsvc-xmpp all – anywhere anywhere
Chain zone-trusted (4 references)
target prot opt source destination
ACCEPT all – anywhere anywhere